Описание
Security update for tor
This update to tor 0.2.9.11 fixes the following vulnerabilities:
- CVE-2017-0375: remotely triggerable assertion failure when a hidden service handles a malformed BEGIN cell (bsc#1043455)
- CVE-2017-0376: remotely triggerable assertion failure caused by receiving a BEGIN_DIR cell on a hidden service rendezvous circuit (bsc#1043456)
Список пакетов
openSUSE Leap 42.2
tor-0.2.9.11-8.3.1
Ссылки
- E-Mail link for openSUSE-SU-2017:1569-1
- SUSE Security Ratings
Описание
The hidden-service feature in Tor before 0.3.0.8 allows a denial of service (assertion failure and daemon exit) in the relay_send_end_cell_from_edge_ function via a malformed BEGIN cell.
Затронутые продукты
openSUSE Leap 42.2:tor-0.2.9.11-8.3.1
Ссылки
- CVE-2017-0375
- SUSE Bug 1043455
Описание
The hidden-service feature in Tor before 0.3.0.8 allows a denial of service (assertion failure and daemon exit) in the connection_edge_process_relay_cell function via a BEGIN_DIR cell on a rendezvous circuit.
Затронутые продукты
openSUSE Leap 42.2:tor-0.2.9.11-8.3.1
Ссылки
- CVE-2017-0376
- SUSE Bug 1043456